package org.example.clouddemo.config; // 请确保这个包名和您文件的实际路径一致

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter { // 关键点1：继承 WebSecurityConfigurerAdapter

/*    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }*/

    

    @Override // 关键点2：重写 configure 方法，而不是创建一个Bean
    protected void configure(HttpSecurity http) throws Exception {
        // 在这里进行所有安全配置
        // 这是旧版本中正确的、非Lambda的写法
        http.csrf().disable() // 关闭CSRF
                .authorizeRequests() // 开始配置授权
                .anyRequest().permitAll(); // 允许所有请求，权限控制在拦截器中进行
    }





}
